CVE-2021-20610

CVSS 7.5 · High EPSS 0.66% · P71 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-20610

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU, MELSEC iQ-R Series R08/16/32/120SFCPU, MELSEC iQ-R Series R08/16/32/120PCPU, MELSEC iQ-R Series R08/16/32/120PSFCPU, MELSEC iQ-R Series R16/32/64MTCPU, MELSEC iQ-R Series R12CCPU-V, MELSEC Q Series Q03UDECPU, MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU, MELSEC Q Series Q03/04/06/13/26UDVCPU, MELSEC Q Series Q04/06/13/26UDPVCPU, MELSEC Q Series Q12DCCPU-V, MELSEC Q Series Q24DHCCPU-V(G), MELSEC Q Series Q24/26DHCCPU-LS, MELSEC Q Series MR-MQ100, MELSEC Q Series Q172/173DCPU-S1, MELSEC Q Series Q172/173DSCPU, MELSEC Q Series Q170MCPU, MELSEC Q Series Q170MSCPU(-S1), MELSEC L Series L02/06/26CPU(-P), MELSEC L Series L26CPU-(P)BT and MELIPC Series MI5122-VW allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

长度参数不一致性处理不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

多款Mitsubishi Electric产品安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Mitsubishi Electric MELSEC-Q Series等都是日本三菱电机（Mitsubishi Electric）公司的产品。Mitsubishi Electric MELSEC-Q Series是一款MELSEC-Q系列的可编程逻辑控制器。Mitsubishi Electric MELSEC-L Series是一款MELSEC-L系列的可编程逻辑控制器。Mitsubishi Electric MELSEC iQ-R series是一款可编程逻辑控制器。 Mitsubishi Electr

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Mitsubishi Electric Corporation	MELSEC iQ-R Series R00CPU	Firmware versions "24" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R01CPU	Firmware versions "24" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R02CPU	Firmware versions "24" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R04CPU	Firmware versions "57" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R08CPU	Firmware versions "57" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R16CPU	Firmware versions "57" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R32CPU	Firmware versions "57" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R120CPU	Firmware versions "57" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R04ENCPU	Firmware versions "57" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R08ENCPU	Firmware versions "57" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R16ENCPU	Firmware versions "57" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R32ENCPU	Firmware versions "57" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R120ENCPU	Firmware versions "57" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R08SFCPU	Firmware versions "26" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R16SFCPU	Firmware versions "26" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R32SFCPU	Firmware versions "26" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R120SFCPU	Firmware versions "26" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R08PCPU	Firmware versions "29" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R16PCPU	Firmware versions "29" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R32PCPU	Firmware versions "29" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R120PCPU	Firmware versions "29" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R08PSFCPU	Firmware versions "08" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R16PSFCPU	Firmware versions "08" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R32PSFCPU	Firmware versions "08" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R120PSFCPU	Firmware versions "08" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R16MTCPU	Operating system software version "23" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R32MTCPU	Operating system software version "23" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R64MTCPU	Operating system software version "23" and prior	-
Mitsubishi Electric Corporation	MELSEC iQ-R Series R12CCPU-V	Firmware versions "16" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q03UDECPU	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q04UDEHCPU	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q06UDEHCPU	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q10UDEHCPU	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q13UDEHCPU	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q20UDEHCPU	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q26UDEHCPU	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q50UDEHCPU	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q100UDEHCPU	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q03UDVCPU	The first 5 digits of serial No. "23071" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q04UDVCPU	The first 5 digits of serial No. "23071" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q06UDVCPU	The first 5 digits of serial No. "23071" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q13UDVCPU	The first 5 digits of serial No. "23071" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q26UDVCPU	The first 5 digits of serial No. "23071" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q04UDPVCPU	The first 5 digits of serial No. "23071" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q06UDPVCPU	The first 5 digits of serial No. "23071" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q13UDPVCPU	The first 5 digits of serial No. "23071" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q26UDPVCPU	The first 5 digits of serial No. "23071" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q12DCCPU-V	The first 5 digits of serial No. "24031" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q24DHCCPU-V	The first 5 digits of serial No. "24031" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q24DHCCPU-VG	The first 5 digits of serial No. "24031" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q24DHCCPU-LS	The first 5 digits of serial No. "24031" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q26DHCCPU-LS	The first 5 digits of serial No. "24031" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series MR-MQ100	Operating system software version "F" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q172DCPU-S1	Operating system software version "W" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q173DCPU-S1	Operating system software version "W" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q172DSCPU	Operating system software version "Y" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q173DSCPU	Operating system software version "Y" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q170MCPU	Operating system software version "W" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q170MSCPU	Operating system software version "Y" and prior	-
Mitsubishi Electric Corporation	MELSEC Q Series Q170MSCPU-S1	Operating system software version "Y" and prior	-
Mitsubishi Electric Corporation	MELSEC L Series L02CPU	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC L Series L06CPU	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC L Series L26CPU	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC L Series L02CPU-P	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC L Series L06CPU-P	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC L Series L26CPU-P	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC L Series L26CPU-BT	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELSEC L Series L26CPU-PBT	The first 5 digits of serial No. "23121" and prior	-
Mitsubishi Electric Corporation	MELIPC Series MI5122-VW	Firmware versions "05" and prior	-

II. Public POCs for CVE-2021-20610

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-20610

请登录查看更多情报信息。

https://jvn.jp/vu/JVNVU94434051/index.htmlgovernment-resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-334-02government-resource
https://nvd.nist.gov/vuln/detail/CVE-2021-20610

Same Patch Batch · Mitsubishi Electric Corporation · 2021-12-01 · 3 CVEs total

CVE-2021-20611	7.5 HIGH	Mitsubishi Electric MELSEC iQ-R series 输入验证错误漏洞
CVE-2021-20609	7.5 HIGH	Mitsubishi Electric MELSEC Q series 资源管理错误漏洞

IV. Related Vulnerabilities

Same product: MELSEC iQ-R Series R00CPU

Same vendor: Mitsubishi Electric Corporation

Same weakness: CWE-130

V. Comments for CVE-2021-20610

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-20610

I. Basic Information for CVE-2021-20610

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-20610

III. Intelligence Information for CVE-2021-20610

Same Patch Batch · Mitsubishi Electric Corporation · 2021-12-01 · 3 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-20610

Leave a comment